//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//

package org.flowable.ui.modeler.conf;

import org.flowable.ui.common.properties.FlowableRestAppProperties;
import org.flowable.ui.common.security.ApiHttpSecurityCustomizer;
import org.flowable.ui.modeler.properties.FlowableModelerAppProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl;
import org.springframework.security.config.http.SessionCreationPolicy;

@Configuration(
        proxyBeanMethods = false
)
public class ModelerSecurityConfiguration {
    public ModelerSecurityConfiguration() {
    }

    @Configuration
    @Order(3)
    public static class ModelerApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
        protected final FlowableRestAppProperties restAppProperties;
        protected final FlowableModelerAppProperties modelerAppProperties;
        protected final ApiHttpSecurityCustomizer apiHttpSecurityCustomizer;

        public ModelerApiWebSecurityConfigurationAdapter(FlowableRestAppProperties restAppProperties, FlowableModelerAppProperties modelerAppProperties, ApiHttpSecurityCustomizer apiHttpSecurityCustomizer) {
            this.restAppProperties = restAppProperties;
            this.modelerAppProperties = modelerAppProperties;
            this.apiHttpSecurityCustomizer = apiHttpSecurityCustomizer;
        }

        protected void configure(HttpSecurity http) throws Exception {
            ((HttpSecurity)http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).csrf().disable();
            if (this.modelerAppProperties.isRestEnabled()) {
                if (this.restAppProperties.isVerifyRestApiPrivilege()) {
                    ((AuthorizedUrl)http.antMatcher("/api/editor/**").authorizeRequests().antMatchers(new String[]{"/api/editor/**"})).hasAuthority("access-rest-api");
                } else {
                    ((AuthorizedUrl)http.antMatcher("/api/editor/**").authorizeRequests().antMatchers(new String[]{"/api/editor/**"})).authenticated();
                }

                this.apiHttpSecurityCustomizer.customize(http);
            } else {
                ((AuthorizedUrl)http.antMatcher("/api/editor/**").authorizeRequests().antMatchers(new String[]{"/api/editor/**"})).denyAll();
            }

        }
    }
}
